- May 25, 2013
the "getting traffic" is a minimal issue. When you have a bot system using it to issue attacks it can bring a site down.sites trying to get traffic, or comments - nothing good comes out enabling either of them.
Sucuri's article gives some information a small one
The Layer 7 attack vector it uses is a little harder to protect against without some work.In a recent case we investigated, 26,000 different WordPress sites were generating a sustained rate of 10,000 to 11,000 HTTPS requests per second against one website.
There is a list of some known sites that have not disabled it and have been used in attacks.. that's what is included in the article I have at https://servinglinux.com/articles/entry/3-ipset-to-block-ip-s-via-csfpre-sh/ for CSF ipset use.